Firestore安全规则允许用户访问其数据 [英] Firestore security rules allow user access to their data
本文介绍了Firestore安全规则允许用户访问其数据的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我想写一条这样的规则:
I want to write a rule like this:
service cloud.firestore {
match /databases/{database}/documents {
match /users/{userId}/{document=**} {
allow read, write: if request.auth.uid == userId;
}
}
}
也就是说,如果该用户是经过身份验证的用户,我想允许对该用户的所有数据执行所有读写操作.
That is, I want to allow all read and write operations to all of a user's data if that user is the authenticated user.
不幸的是,这不起作用.我收到一条错误消息,指出我无权访问数据.
Unfortunately that does not work. I get an error specifying that I don't have permission to access the data.
推荐答案
此代码解决了问题:
service cloud.firestore {
match /databases/{database}/documents {
match /users/{userId} {
allow read, write: if request.auth.uid == userId;
match /{document=**} {
allow read, write: if request.auth.uid == userId;
}
}
}
}
我认为是因为您需要授予对/users/{userId}
和/users/{userId}/{anyDoc=**}
的访问权限.
I think it's because you need to grant access to /users/{userId}
, as well as /users/{userId}/{anyDoc=**}
.
这篇关于Firestore安全规则允许用户访问其数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文